NOTICE OF PRIVACY PRACTICES PROTECTED HEALTH INFORMATION


THIS NOTICE DESCRIBES HOW YOUR MEDICAL INFORMATION MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

The law requires us to make sure that medical information that tells who you are is kept private. It also requires us to give you this notice of our legal duties and privacy practices to tell you what we do with the medical information about you. To better understand this law, you may want to read it. It is in 45 CFR Part 164. In the unlikely event that the information we have about you should be obtained by someone who is not supposed to have it, the law requires us to notify you.

We are required to follow the practices outlined in this notice. We have the right to change this notice and our privacy practices in the future. Any changes made will apply to all of the medical information we have about you at that time. If we make a change, we will put up a notice in our building. We will also give you a copy of the new notice if you ask for it. You can also read about these changes on the computer. We have this information on our website at www.pbrc.edu.

Pennington Biomedical maintains some of its treatment Designated Record Set through the use of an electronic health record (“EHR System”) maintained by Louisiana Children’s Medical Center. Through the EHR System, PHI of patients of Pennington Biomedical is combined with that of other Covered Entities that participate in the EHR System (each, a “Participating Covered Entity” and collectively, the “Participating Covered Entities”), such that each patient has a single, longitudinal health record with respect to physician office services provided by the Participating Covered Entities.

Through the EHR System, the Participating Covered Entities have formed an organized system of health care in which the Participating Covered Entities participate in joint utilization review and/or quality assurance activities, and as such qualify to participate in an Organized Health Care Arrangement (“OHCA”). As OHCA participants, all Participating Covered Entities may use and disclose the PHI contained with the EHR System for the Treatment, Payment and Health Care Operations purposes of each of the OHC participants.

DEVELOPER IDENTIFICATION:


JPL Technical Solutions is the official developer of the Diabetes Clinic app. Their responsibilities encompass the design, implementation, and ongoing enhancement of the app, ensuring a seamless and functional user experience. They are dedicated to maintaining the highest standards of security, app performance, and reliability to effectively serve the needs of users.

HOW YOUR MEDICAL INFORMATION MAY BE USED:


In general, we may use your medical information in a number of ways:

To provide patient care to you. Your medical information may be used by the doctors, nurses and other professionals who are treating you. For example, your medical information is used to help them find out your problem and to decide the best way to treat you.

Appointment Reminders. We may use your medical information to contact you to remind you of appointments, and to give you information about other treatment options or other health related benefits and services that may be of interest to you.

To obtain payment. Your medical information may also be used by our business office to prepare your bill and process payments from you as well as from any insurance company, government program, or other person who is responsible for payment.

For our healthcare operations. Your medical information may be used to review the quality and appropriateness of the care you receive. We may also use your medical information to put together information to see how we are doing and to make improvements in the services and care we give you. In some cases, we may have students, trainees, or other health care personnel, as well as some non-health care personnel, who come to our facility to learn under our guidance to practice or improve their skills.


To create de-identified databases. We may use your medical information for the purpose of removing information that tells anyone who you are and putting it in a computer program. Your information may be completely de-identified or partially de-identified. This information is often used for research purposes. If your information is partially de-identified, it is called a “limited data set.”

Fundraising. We may use your medical information to raise funds for our organization directly or to raise funds for our organization through an institutionally – related foundation or business associates. You may receive communications about these fundraising activities. You have the right to request that you not be contacted by us for purposes of fundraising and we must agree to your request.

HOW YOUR MEDICAL INFORMATION MAY BE DISCLOSED:


In addition to using your medical information, we may disclose all or part of it to certain other people. This includes giving your information to:

You. In order to get your medical information, you will need to fill out an authorization form. You may also have to pay for the cost of some or all of the copies.

People You Ask Us To Give It To. If you tell us that you want us to give your medical information to someone, we will do so. You will need to fill out an authorization form. We must obtain your written authorization before disclosing information you have shared with one of our psychiatrists, psychologists, or counselors in a private session, or to use your information to market our services, or to sell your information. We must obtain your authorization to use or disclose your information in any way that is not otherwise described in this notice. You may stop this authorization at any time. We are not allowed to force you to give us permission to give your medical information to anyone. We cannot refuse to treat you because you stop this authorization.

Payers. We have the right to give your medical information to insurance companies, government programs such as Medicare and Medicaid and the people who process their claims as well as to others who are responsible for paying for all or part of the cost of treatment provided to you. For example, we may tell your health insurance company what is wrong with you and what treatment is recommended or has been given. Also, if your treatment is or may be covered by worker’s compensation, we may give medical information to the people who handle your worker’s compensation, the Louisiana Office of Worker’s Compensation Administration and to your employer.

Our “business associates.” Business associates are companies or people we contract with to do certain work for us. Examples include billing services, information to auditors, attorneys, information technology professionals, and specialized people providing management, analysis, utilization review or other similar services to us. Another example is the giving of health information to a business associate so that the business associate can create a de-identified data base. Business associates are required to agree to take reasonable steps to protect the privacy of your medical information.

Limited Data Set Recipients. If we use your information to make a “limited data set,” we may give the “limited data set” that includes your information to others for the purposes of research, public health action or health care operations. The persons who receive “limited data sets” are required to agree to take reasonable steps to protect the privacy of your medical information.

The Secretary of the U. S. Department of Health and Human Services. The Secretary has the right to see your records in order to make sure we follow the law.

Public Health Authorities. We may disclose your medical information to a public health authority responsible for preventing or controlling disease, maintaining vital statistics or other public health functions. We may also give your medical information to the Food and Drug Administration in connection with FDA-regulated products.

Law Enforcement Officers. We may reveal your medical information to the police. We may also give your medical information to persons whose job is to receive reports of abuse, neglect or domestic violence. And, if we believe that releasing this information is needed to prevent a serious threat to the health or safety of a person or the public, we are allowed to reveal your medical information.

Health Oversight Agencies. We may give your medical information to agencies responsible for health oversight activities, such as investigations and audits, of the health care system or benefit programs, as allowed by law.

Courts and Administrative Agencies. We may reveal your medical information as required by a judge for a legal issue.

Coroners and Funeral Directors. We may reveal medical information about persons who have died to coroners, medical examiners, and funeral directors, as allowed by law.

Organ Transplant Services. We may reveal your medical information to agencies that are responsible for getting and transplanting organs.

Research. We may reveal your medical information in connection with certain research activities. With your authorization, we may disclose pertinent information such as your name, social security number, study name, and dates of participation to our Accounts Payable department to issue human research subjects reimbursement and/or compensation payments.

Specialized Governmental Functions. We may disclose your medical information for certain specialized governmental functions, as allowed by law. Such functions include:

Required by Law. We may also reveal your medical information in any other circumstance where the law requires us to do so.

HOW WE SECURE YOUR INFORMATION:


We work hard to protect our organization and our users from unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold.

In particular:

OBJECTIONS TO USES AND DISCLOSURES:


In certain situations, you have the right to object before your medical information can be used or revealed. This does not apply if you are being treated for certain mental or behavioral problems. If you do not object after you are given the chance to do so, your medical information may be used:

Patient Directory. In most cases, this means your name, room number or location and general information about your condition may be given to people who ask for you by name. Also, information about your religion may be given to members of the clergy, even if they do not ask for you by name.

Family and Friends. We may disclose to your family members, other relatives and close personal friends, any medical information that they need to know if they are involved in caring for you. For example, we can tell someone who is assisting with your care that you need to take your medication or get a prescription refilled or give them information about how to care for you. We can also use your medical information to find a family member, a personal representative, or another person responsible for your care and to notify them where you are, about your condition or of your death. If it is an emergency or you are not able to communicate, we may still give certain information to persons who can help with your care.

Disaster Relief. We may reveal your medical information to a public or private disaster relief organization assisting with an emergency.

OTHER RIGHTS REGARDING YOUR MEDICAL INFORMATION:

You also have the following rights regarding your medical information:

You have the right to ask us to treat your medical information in a special way, different from what we normally do. Unless you have the right to object to the use of the information, we do not have to agree with you. If we do agree to your wishes, we have to follow your wishes until we tell you that we will no longer do so. However, you have the right to request restrictions on disclosures of information about a health care item or service which you have paid in full out of pocket. We must agree to your request as long as the restriction applies to seeking payment or our health care operations and not required by law.

You have the right to tell us how you would like us to send your information to you. For example, you might want us to call you only at work or only at home. Or you may not want us to call you at all. If your request is reasonable, we must follow your request.

You have the right to look at your medical information and, if you want, to get a copy of it. We can charge you for a copy, but only a reasonable amount. Your right to look at and copy your medical records is based upon certain rules. For example, we can ask you to make your request in writing or, if you come in person, that you do so at certain times of the day.

You have the right to ask us to change your medical information. For example, if you think we made a mistake in writing down what you said about when you began to feel bad, you can tell us. If we do not agree to change your record, we will tell you why, in writing, and give you information about your rights.

You have the right to receive notifications of breaches of your medical information.

You have the right to be told to whom we have given your medical information in the six years before you ask. This does not apply to all disclosures. For example, if we gave someone your medical information so that they could treat you or pay for your care, we do not have to keep a record of that.

You have the right to get a copy of this notice at no charge.

You have the right to complain to us or to the United States Department of Health and Human Services if you believe that we have violated your privacy rights. To complain to us, please contact our Privacy Officer at 225-763-2515 or by writing to us at:

HIPAA Privacy Officer 6400 Perkins Road

Baton Rouge, Louisiana 70808


If you choose to file a complaint, you will not be penalized in any way.

If you would like further information about your rights or about the uses and disclosures of your medical information, you may contact our HIPAA Privacy Officer at 225-763-2515 or by writing to us at:


HIPAA Privacy Officer

Pennington Biomedical Research Center 6400 Perkins Road

Baton Rouge, LA 70808